DNSmasq Captive Portal

  1. #1
    SBTlauien African Astronaut
    So I have this captive portal set up on my Android phone and it works well. It redirects everyone that connects to my hotspot and attempts to navigate to an HTTP web page within their browser, to a local page (index.html) that I host on my phone. On this web page there is a button that leads to another page (agree.html). When this second page is loaded, my server detects which local IP requested it and adds them to a little list so that it knows who agreed to my terms.

    What I need to do is allow those that agree to my terms to be free to navigate the internet.

    I am using DNSmasq to redirect all addresses requested to my server (well, almost. I actually use 'iptables' as well but that's just to change from port 80 to 8080). I use the following argument when I start DNSmasq to apply this redirection.

    --address=/#/192.168.43.1


    As you can see, that is going to redirect all traffic to my server. I'm still not sure if I can change these rules while DNSmasq is running, or if I have to stop and then restart DNSmasq.

    How would I go about allowing certain IPs to bypass the above rule but still force all other requested addresses to my server?
  2. #2
    aldra JIDF Controlled Opposition
    https://www.snbforums.com/threads/per-client-dns-enhancementing-dnsmasq-for-local-domains.20346/

    looks like you might be out of luck

    it's easy enough, as you posted, to force DNS requests to a user-defined server for specifically requested domains, but I've skimmed the documentation and manpage and couldn't see a way to force requests based on requester IP or MAC address.
  3. #3
    SBTlauien African Astronaut
    Originally posted by aldra https://www.snbforums.com/threads/per-client-dns-enhancementing-dnsmasq-for-local-domains.20346/

    looks like you might be out of luck

    it's easy enough, as you posted, to force DNS requests to a user-defined server for specifically requested domains, but I've skimmed the documentation and manpage and couldn't see a way to force requests based on requester IP or MAC address.

    How do these captive portals at coffee shops, and fast food joints, do it? There must be a way.

    I was thinking that I may have to set it up so that as people connect to my hotspot, I take their IP addresses as they each join, and set up some rules. I'm just not sure how.
  4. #4
    aldra JIDF Controlled Opposition
    yeah, I meant specifically with dnsmasq though. a lot of routers actually have a kiosk mode built in; if you're wanting to script it yourself the easiest way would probably be with apache/nginx and a server-side scripting language like php/python/perl etc. writing iptables rules on the fly
  5. #5
    SBTlauien African Astronaut
    I think I may have found something of use...

    http://www.linksysinfo.org/index.php?threads/assign-specific-dns-to-only-certain-clients.68865/
  6. #6
    SBTlauien African Astronaut
    Is this command...

    awk 'BEGIN { FS="\t"; } { system("$IPTABLES -t mangle -A internet -m mac --mac-source "$4" -j RETURN"); }' /var/lib/users


    ...opening '/var/lib/users', using tab as a file separator, grabbing the 4th item that's been separated, and iterating through the file running this command for each line?
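
An added example, not part of the original thread: a variant of the loop quoted in post #6 that checks the fourth tab-separated field is a well-formed MAC address before placing it in an iptables command, and prints the commands instead of handing file contents to `system()`. The `internet` chain, the `mangle` table and the field position come from the quoted command; the function names and the other columns in the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: emit one iptables allow rule per valid MAC in a users file.
# Chain "internet", table "mangle" and the tab-separated layout with the MAC
# in field 4 are taken from the command quoted in the thread.

IPTABLES="${IPTABLES:-iptables}"

# portal_rules FILE
# Prints the commands instead of running them, so they can be reviewed first
# (or piped to sh as root). A line whose 4th field is not exactly a MAC
# address is skipped with a warning on stderr, so nothing from the file
# reaches a shell except hex digits and colons.
portal_rules() {
    awk -F '\t' -v ipt="$IPTABLES" '
        BEGIN {
            h  = "[0-9a-f][0-9a-f]"
            re = "^" h ":" h ":" h ":" h ":" h ":" h "$"
        }
        {
            mac = tolower($4)
            if (mac ~ re) {
                printf("%s -t mangle -A internet -m mac --mac-source %s -j RETURN\n", ipt, mac)
            } else {
                printf("skipping line %d: bad MAC field\n", NR) > "/dev/stderr"
            }
        }
    ' "$1"
}

# Constructed sample input (not from the page): name, IP, timestamp, MAC.
# The third line carries trailing shell text in the MAC column and the
# fourth line has too few fields; both must be rejected.
sample_users() {
    printf 'alice\t192.168.43.10\t1700000000\tAA:BB:CC:DD:EE:01\n'
    printf 'bob\t192.168.43.11\t1700000050\t02:00:00:00:00:02\n'
    printf 'eve\t192.168.43.12\t1700000099\t00:11:22:33:44:55; reboot\n'
    printf 'short\t192.168.43.13\n'
}
```

Running `sample_users > users.tsv; portal_rules users.tsv` prints the two accepted rules on stdout and the two skipped lines on stderr.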